Overview

overview

10

Static

static

3

a813d6c17d...a8.exe

windows7-x64

10

a813d6c17d...a8.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    164s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    07/01/2024, 19:53

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    a813d6c17d580cde14f69211e6896ba8.exe

  • Size

    917KB

  • MD5

    a813d6c17d580cde14f69211e6896ba8

  • SHA1

    d1f89f814eee691442bd74438a6bab8b9c90934f

  • SHA256

    45d96504c5914dd8067b8587dfb6c3facb77ed1458231b249cfa03f85a313613

  • SHA512

    fd6369a5252c7bf3dbf01fa6615bd2c139ef315d507d08d97bc5e2354db3ed76e8ea86a045f21f895fb3304a19cbc0f6992a7ee601ef29d27af20a8f43a08d76

  • SSDEEP

    24576:F1bhaXTHK7ohRqlVvTuQ/SHerQV/QFOfWhpLEBs:FjaXTq7Cq/1eerydWhpLEBs

Score
10/10
persistence

Malware Config

Signatures

  • Modifies WinLogon for persistence 2 TTPs 1 IoCs
    persistence
  • Drops file in System32 directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a813d6c17d580cde14f69211e6896ba8.exe
    "C:\Users\Admin\AppData\Local\Temp\a813d6c17d580cde14f69211e6896ba8.exe"
    1⤵
    • Modifies WinLogon for persistence
    • Drops file in System32 directory
    PID:2248

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Windows\SysWOW64\xdccPrograms\7zG.exe
          Filesize

          956KB

          MD5

          b1c1cc15842322a6c49d7748477219af

          SHA1

          5332f72815ca60e82078cea4633afa478aeaba5e

          SHA256

          0eaff5f0caafdb0ff6f9456f0cfe26b76e26f43540aba2f2373f9d921b87a2cb

          SHA512

          93e90ad11884b4ff8bf9cfc4196e7cc14d1c068cb55c679177c0919cae92d5725b01f22e62cd1ff99890cf6934a1bcfd595c0fedf8a6af0623b4bef639fe45dc

          Download Submit

        • memory/2248-36-0x0000000000400000-0x0000000000416000-memory.dmp

          Filesize

          88KB

          Download

        • memory/2248-91-0x0000000000400000-0x0000000000416000-memory.dmp

          Filesize

          88KB

          Download

        • memory/2248-92-0x0000000000400000-0x0000000000416000-memory.dmp

          Filesize

          88KB

          Download

        • memory/2248-94-0x0000000000400000-0x0000000000416000-memory.dmp

          Filesize

          88KB

          Download

        • memory/2248-95-0x0000000000400000-0x0000000000416000-memory.dmp

          Filesize

          88KB

          Download

        • memory/2248-96-0x0000000000400000-0x0000000000416000-memory.dmp

          Filesize

          88KB

          Download

        • memory/2248-97-0x0000000000400000-0x0000000000416000-memory.dmp

          Filesize

          88KB

          Download

        • memory/2248-98-0x0000000000400000-0x0000000000416000-memory.dmp

          Filesize

          88KB

          Download

        • memory/2248-99-0x0000000000400000-0x0000000000416000-memory.dmp

          Filesize

          88KB

          Download

        • memory/2248-100-0x0000000000400000-0x0000000000416000-memory.dmp

          Filesize

          88KB

          Download

        • memory/2248-101-0x0000000000400000-0x0000000000416000-memory.dmp

          Filesize

          88KB

          Download

        • memory/2248-102-0x0000000000400000-0x0000000000416000-memory.dmp

          Filesize

          88KB

          Download

        • memory/2248-103-0x0000000000400000-0x0000000000416000-memory.dmp

          Filesize

          88KB

          Download